The Big Game
Technologists are curious people by nature. Additionally members of the cyber security tribe are also—whether by nature or training—a bit paranoid. Thus as Super Bowl 53 kicks off today, CyberWeekly readers may be curious how cyber security affects the Super Bowl and the City of Atlanta, which was devastated by the SamSam ransomware just last year.
Feds Have Arrived
For starters the City of Atlanta and the big game are under the protection of around 600 personnel from DHS, FBI and other federal and city agencies. Homeland Security Secretary Kirstjen Nielsen stated, authorities have conducted “more than 100 different physical and cybersecurity assessments.” Amongst those 600 security personnel, there are around 60 cyber specialists from the DHS’s Cybersecurity Infrastructure Security Agency (CISA) onsite. While for many Americans the Super Bowl is simply a day for TV, nachos and Sunday beers with friends, Tracy Reinhold, CSO of Everbridge, informs us that “Atlanta has been planning for this event for the past two years.”
Special Security Event
For our non-American CyberWeekly readers I should explain why from a security perspective the Super Bowl is unique. Of America’s major sports championships, it is the only championship played in one game. The event takes place one day in a single location, as opposed to being a best-of-five or -seven competition taking place between two cities.
That’s likely why the Department of Homeland Security classifies the Super Bowl as a SEAR 1 (Special Event Assessment Rating) event. The heightened risk associated with the game is why DHS considers the Super Bowl a National Special Security Event (NSSE)—an event of national or international significance deemed to be a potential target for terrorism or other criminal activity by DHS. To put that in perspective, the two NSSE events of 2018 were Super Bowl 52 and the State Funeral of former US President George H.W. Bush.
Stadium Information Security Risks
Cybersecurity writer Karen Walsh highlights a few information security risks to stadiums, like the Mercedes-Benz Stadium:
The public and private wifi connections, just as any wifi, can be compromised.
Similar to a smart home, the automation of things like power, heat, and media in stadiums creates vulnerability.
Most likely the biggest problem for an individual would be identity theft.
Cyber Protection
According to Klint Walker, a DHS cybersecurity adviser in Atlanta, “Usually about nine months out, we’re really starting to jump in with our cyber assessments.” Those assessments include network scans, patching recommendations, and penetration testing. With a DHS cyber official at each operational center, this year will be one of the biggest DHS cyber security operations at a Super Bowl to date.
No matter who you’re cheering for today—even if you’re simply cheering for a good game—we’re all cheering for a safe event. While the Super Bowl has been a big physical security event for decades, it’s good to see the cyber security is not an afterthought.
Now get back to your Super Bowl party.
Hope you’ve enjoyed this SPECIAL EDITION of the CyberWeekly Newsletter. Please share with a friend or colleague.
Click here to subscribe to the CyberWeekly Newsletter.
Stay vigilant,
Oritse J. Uku, Editor-in-Chief
Disclaimer: The opinions expressed in this newsletter are my own.